Ejemplo n.º 1
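        /// <summary>
        /// Decides whether the current principal satisfies a <c>VmsAuthorizationRequirement</c>.
        /// The principal must carry an AccountId claim issued by <c>AppSettings.JwtIssuer</c>.
        /// If the requirement lists no function codes, that alone is sufficient; otherwise at
        /// least one required function code must resolve to a function whose id appears in the
        /// principal's FunctionIds claim (also issued by <c>AppSettings.JwtIssuer</c>).
        /// </summary>
        /// <param name="context">Authorization context holding the principal under evaluation.</param>
        /// <param name="requirement">Requirement whose <c>FunctionCodes</c> lists the accepted function codes.</param>
        /// <returns>A task that completes once the requirement has been marked succeeded or failed.</returns>
        /// <remarks>
        /// The handler fails closed: a missing claim or any exception raised while evaluating
        /// (including repository errors) results in <c>context.Fail()</c>.
        /// </remarks>
        protected override async Task HandleRequirementAsync(AuthorizationHandlerContext context, VmsAuthorizationRequirement requirement)
        {
            try
            {
                // Claims are accepted only when their issuer matches the configured JWT issuer,
                // so a claim of the same type added by another identity/issuer is ignored.
                var accountClaim = context.User.FindFirst(c => c.Type == VmsClaimTypes.AccountId && c.Issuer == AppSettings.JwtIssuer);

                if (accountClaim == null)
                {
                    // No trusted account identity: deny explicitly instead of relying on a
                    // NullReferenceException being swallowed by the catch block below.
                    context.Fail();
                    return;
                }

                // todo: checking banned token
                // NOTE(review): until the check above is implemented, a revoked or banned token
                // that is still otherwise valid is accepted by this handler.

                // An empty FunctionCodes string means "any authenticated account". Only the exact
                // empty string takes this path; a null value does not (it is not treated as
                // "no restriction").
                if (requirement.FunctionCodes == string.Empty)
                {
                    context.Succeed(requirement);
                    return;
                }

                var functionIdsClaim = context.User.FindFirst(c => c.Type == VmsClaimTypes.FunctionIds && c.Issuer == AppSettings.JwtIssuer);

                if (functionIdsClaim == null)
                {
                    context.Fail();
                    return;
                }

                // SplitByCommonChars is a project helper not visible here; presumably it splits
                // on separators such as commas - confirm against its definition.
                var functionIds = functionIdsClaim.Value.SplitByCommonChars();

                if (functionIds.Length == 0)
                {
                    context.Fail();
                    return;
                }

                var apiFunctionCodes = requirement.FunctionCodes.SplitByCommonChars();

                foreach (var apiFunctionCode in apiFunctionCodes)
                {
                    // Awaited rather than blocked on with GetAwaiter().GetResult(): blocking ties
                    // up a request thread per lookup and can deadlock where a synchronization
                    // context is present.
                    var functionCode = await _functionRepository.GetFunctionByCodeAsync(apiFunctionCode);

                    // Element-wise match of the function id against the ids granted in the token.
                    if (functionCode != null && functionIds.Contains(functionCode.FunctionId.ToString()))
                    {
                        context.Succeed(requirement);
                        return;
                    }
                }

                context.Fail();
            }
            catch (Exception)
            {
                // Fail closed on any unexpected error. Nothing is logged here, so denials caused
                // by faults (e.g. repository failures) are indistinguishable from real denials.
                context.Fail();
            }
        }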